JSON SQL Injection and the Lessons LearnedThis document discusses JSON SQL injection and lessons learned from vulnerabilities in SQL query builders. It describes how user-supplied JSON input containing operators instead of scalar values could manipulate queries by injecting conditions like id!='-1' instead of a specific id value. This allows accessing unintended data. The document examines how SQL::QueryMaker and a strict mode in SQL::Mak
Web Framework Benchmarksと Perl の現状報告会 YAPC::Asia Tokyo 2014 LT
